We detected limits of SIEM systems when they are used to protect critical infrastructures from sophisticated cyberattacks.
We developed a new data collection and pre-correlation framework named “GET”.
GET links physical security to logical security and exploits knowledge of the business process.
The GET framework has been integrated into the open-source SIEM OSSIM.
We validated GET in a dam control system and a mobile-phone-based payment service.